92 lines
3.2 KiB
Bash
92 lines
3.2 KiB
Bash
#!/bin/bash
|
|
#
|
|
# Portainer Installation Script
|
|
# Usage: bash install_portainer.sh
|
|
#
|
|
|
|
set -euo pipefail
|
|
|
|
echo "=== Portainer Configuration ==="
|
|
read -r -s -p "Enter desired Portainer admin password (min 12 chars): " PORTAINER_PASSWORD
|
|
echo ""
|
|
read -r -p "Enter your Portainer EE license key: " PORTAINER_LICENSE
|
|
echo ""
|
|
|
|
log() { echo "[$(date '+%Y-%m-%d %H:%M:%S')] $*"; }
|
|
|
|
log "Starting Portainer deployment..."
|
|
|
|
# Verify Docker is installed
|
|
if ! command -v docker &> /dev/null; then
|
|
log "ERROR: Docker is not installed or not in the PATH."
|
|
log "Please install Docker first."
|
|
exit 1
|
|
fi
|
|
|
|
# Verify Docker permissions (must be root or in the docker group)
|
|
if [ "$(id -u)" -ne 0 ] && ! groups | grep -q "\bdocker\b"; then
|
|
log "ERROR: Your user is not in the 'docker' group and you are not root."
|
|
log "Please run 'sudo usermod -aG docker \$USER', log out and back in, or run this script with sudo."
|
|
exit 1
|
|
fi
|
|
|
|
log "Creating secure admin password file..."
|
|
# Portainer requires a minimum 12-character password
|
|
if [ ${#PORTAINER_PASSWORD} -lt 12 ]; then
|
|
log "WARNING: Password is less than 12 characters. Portainer may reject it."
|
|
fi
|
|
|
|
mkdir -p /opt/portainer
|
|
echo -n "$PORTAINER_PASSWORD" > /opt/portainer/admin_password
|
|
chmod 600 /opt/portainer/admin_password
|
|
|
|
# Ensure password file is removed when the script exits
|
|
trap 'rm -f /opt/portainer/admin_password' EXIT
|
|
|
|
log "Creating Portainer data volume (if it doesn't already exist)..."
|
|
docker volume create portainer_data
|
|
|
|
log "Deploying Portainer container..."
|
|
docker run -d -p 8000:8000 -p 9443:9443 --name portainer \
|
|
--restart=always \
|
|
-v /var/run/docker.sock:/var/run/docker.sock \
|
|
-v portainer_data:/data \
|
|
-v /opt/portainer/admin_password:/tmp/admin_password \
|
|
portainer/portainer-ee:latest \
|
|
--admin-password-file '/tmp/admin_password'
|
|
|
|
if [ -n "$PORTAINER_LICENSE" ] && [ -n "$PORTAINER_PASSWORD" ]; then
|
|
log "Waiting for Portainer to start up to apply license key via API..."
|
|
for i in {1..15}; do
|
|
if curl -ks -o /dev/null https://localhost:9443/; then
|
|
break
|
|
fi
|
|
sleep 2
|
|
done
|
|
sleep 2 # Extra padding for API initialization
|
|
|
|
log "Authenticating with Portainer API..."
|
|
JWT=$(curl -ks -X POST https://localhost:9443/api/auth \
|
|
-H "Content-Type: application/json" \
|
|
-d "{\"Username\":\"admin\",\"Password\":\"$PORTAINER_PASSWORD\"}" | grep -o '"jwt":"[^"]*"' | cut -d'"' -f4)
|
|
|
|
if [ -n "$JWT" ]; then
|
|
log "Applying license key..."
|
|
LICENSE_STATUS=$(curl -ks -w "%{http_code}" -o /dev/null -X POST https://localhost:9443/api/licenses \
|
|
-H "Authorization: Bearer $JWT" \
|
|
-H "Content-Type: application/json" \
|
|
-d "{\"licenseKey\":\"$PORTAINER_LICENSE\"}")
|
|
|
|
if [ "$LICENSE_STATUS" = "200" ]; then
|
|
log "License key applied successfully!"
|
|
else
|
|
log "WARNING: Failed to apply license key (HTTP $LICENSE_STATUS). You may need to enter it manually."
|
|
fi
|
|
else
|
|
log "WARNING: Failed to authenticate with Portainer API. Please apply the license manually."
|
|
fi
|
|
fi
|
|
|
|
log "=== Portainer Installation Complete ==="
|
|
log "You can now access the Portainer web interface at:"
|
|
log "https://<YOUR_PI_IP_ADDRESS>:9443" |